Description
The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft.
Products
- Microsoft Internet Explorer 4.x
- Microsoft Internet Explorer 5
- Microsoft Outlook
- Microsoft Outlook
- Microsoft Outlook for Android
- Microsoft Outlook for iPhone OS
- Microsoft Outlook 2000
- Microsoft Outlook 2000 sp2
- Microsoft Outlook 2000 sp3
- Microsoft Outlook 2000 Service Pack 4
- Microsoft Outlook 2000 sr1
- Microsoft Outlook 2002
- Microsoft Outlook 2002 sp1
- Microsoft Outlook 2002 sp2
- Microsoft Outlook 2002 Service Pack 3
- Microsoft Outlook 2003
- Microsoft Outlook 2003 sp1
- Microsoft Outlook 2003 Service Pack 3
- Microsoft Outlook 2007
- Microsoft Outlook 2007 Service Pack 1
- Microsoft Outlook 2007 Service Pack 2
- Microsoft Outlook 2007 sp3
- Microsoft Outlook 2010 sp1 x64 (64bit)
- Microsoft Outlook 2010 sp1 x64 (64bit)
- Microsoft Outlook 2010 x86 (32bit)
- Microsoft Outlook 2010 Service Pack 2
- Microsoft Outlook 2010 sp2 x64 (64bit)
- Microsoft Outlook 2010 sp2 x64 (64bit)
- Microsoft Outlook 2010 sp2 x86 (32bit)
- Microsoft Outlook 2011 for Mac Os X
- Microsoft Outlook 2013
- Microsoft Outlook 2013 RT Edition
- Microsoft Outlook 2013 - - Edition - Edition for -
- Microsoft Outlook 2013 x64 (64-bit)
- Microsoft Outlook 2013 x86 (32-bit)
- Microsoft Outlook 2013 Service Pack 1
- Microsoft Outlook 2013 Service Pack 1 - Edition
- Microsoft Outlook 2013 Service Pack 1 RT Edition
- Microsoft Outlook 2016
- Microsoft Outlook 2016 on x64
- Microsoft Outlook 2016 on x86
- Microsoft Outlook 2016 for Android
- Microsoft Outlook 2016 Mac OS X
- Microsoft Outlook 2016 for macOS
- Microsoft Outlook 3.12.0 for iPhone OS
- Microsoft Outlook 3.13.0 iPhone OS
- Microsoft Outlook 3.14.0 for iPhone OS
- Microsoft Outlook 3.15.0 for iPhone OS
- Microsoft Outlook 3.16.0 for iPhone OS
- Microsoft Outlook 3.17.0 for iPhone OS
- Microsoft Outlook 3.17.1 for Iphone Os
- Microsoft Outlook 3.18.0 for iPhone OS
- Microsoft Outlook 3.20.0 for iPhone OS
- Microsoft Outlook 3.21.0 for iPhone OS
- Microsoft Outlook 3.22.0 for iPhone OS
- Microsoft Outlook 3.22.1 for iPhone OS
- Microsoft Outlook 3.23.0 for iPhone OS
- Microsoft Outlook 3.24.0 for iPhone OS
- Microsoft Outlook 3.24.1 for iPhone OS
- Microsoft Outlook 3.25.0 for iPhone OS
- Microsoft Outlook 3.26.0 for iPhone OS
- Microsoft Outlook 3.27.0 for iPhone OS
- Microsoft Outlook 3.27.1 for iPhone OS
- Microsoft Outlook 3.28.0 for iPhone OS
- Microsoft Outlook 3.29.0 for iPhone OS
- Microsoft Outlook 3.30.0 for iPhone OS
- Microsoft Outlook 3.31.0 for iPhone OS
- Microsoft Outlook 3.32.0 for iPhone OS
- Microsoft Outlook 3.33.0 for iPhone OS
- Microsoft Outlook 97
- Microsoft Outlook 98
- Microsoft Outlook XP
Questions to Ask Vendors
- Can you confirm whether your systems are affected by CVE-2000-0160, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2000-0160 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
- Check out the advisory links provided below.
References